In case a report is greater than HID_MAX_BUFFER_SIZE, it is truncated,but the report-number byte is not correctly handled. This results in aoff-by-one in the following memset, causing a kernel Oops and ensuingsystem crash.

Note: With commit 8ec321e96e05 ("HID: Fix slab-out-of-bounds read inhid_field_extract") I no longer hit the kernel Oops as we instead fail"controlled" at probe if there is a report too long in the HIDreport-descriptor. hid_report_raw_event() is an exported symbol, sopresumabely we cannot always rely on this being the case.